home

lsass.exe

prjVerificaEXE

Wave Corporate Sistemas LTDA

The executable lsass.exe has been detected as malware by 6 anti-virus scanners.
Publisher:
Wave Corporate Software  (signed by Wave Corporate Sistemas LTDA)

Product:
prjVerificaEXE

Version:
4.00

MD5:
cf4a421349f10de6677b3f68d1f4cfc6

SHA-1:
c05db2d66ea49f8fdae2d489d02b211f3a8a70cd

SHA-256:
bda209cb4c0752981a590de494e6c3d4dedbe31e3c8a9106cfd16d0cc2e26c82

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
11/15/2024 10:26:00 PM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/VB-Wird-based
v6.4.7.1.166

IKARUS anti.virus
Trojan-Clicker.Win32.VB.DN
t3scan.1.7.8.0

SUPERAntiSpyware
Trojan.Agent/Gen-Falprod
9638

Vba32 AntiVirus
Trojan.Swisyn
3.12.26.3

ViRobot
Trojan.Win32.A.Swisyn.33760
2011.4.7.4223

Zillya! Antivirus
Trojan.Swisyn.Win32.28085
2.0.0.1966

File size:
35.2 KB (36,072 bytes)

Product version:
4.00

Original file name:
lsass.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\lsass.exe

Digital Signature
Signed by:
Wave Corporate Sistemas LTDA

Authority:
COMODO CA Limited

Valid from:
5/16/2014 1:00:00 AM

Valid to:
5/17/2015 12:59:59 AM

Subject:
CN=Wave Corporate Sistemas LTDA, O=Wave Corporate Sistemas LTDA, STREET="Rua Waltrudes Correa, 297", L=São Paulo, S=São Paulo, PostalCode=05122070, C=BR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5CF9AD4E9073852DEFA5388B9A06D3DD

File PE Metadata
Compilation timestamp:
10/17/2012 6:19:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:T0K0J7ZCmq0HgesIWSIWMWwWExP961AoxhzyF:TLsYPkgPInTvLExPw1Dhzq

Entry address:
0x1490

Entry point:
68, 14, 16, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 1E, D1, 76, E9, C0, D9, FA, 45, 8A, 6B, 26, 3F, D2, 14, A4, FB, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, F8, 02, 00, 00, 00, 00, 56, 65, 72, 69, 66, 69, 79, 45, 58, 45, 00, 00, 38, D7, F6, 02, 00, 00, 00, 00, 01, 00, 04, 00, D8, 1C, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, EC, 1D, 40, 00, 1C, 50, 40, 00, 00, 00, 00, 00, 08, B0, F4, 0C, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
16 KB (16,384 bytes)

Remove lsass.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.